Implicit Sensor-based Authentication of Smartphone Users with Smartwatch

Lee, Wei-Han; Lee, Ruby

doi:10.1145/2948618.2948627

Cited by 59 publications

(37 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…However, since the accuracy is not 100%, it may not authenticate the real user of the smartphone. To overcome this issue, these systems are used as a second authentication system and reauthentication [57] or continuous authentication systems [71,72]. In this method, username and password are still utilized for authentication; however, for continuous authentication of the user during sessions, the phone keeps track of the user's touching and tapping behavior.…”

Section: Hidden Information Inferring Applicationsmentioning

confidence: 99%

Sensors of Smart Devices in the Internet of Everything (IoE) Era: Big Opportunities and Massive Doubts

et al. 2019

View full text Add to dashboard Cite

Smart device industry allows developers and designers to embed different sensors, processors, and memories in small-size electronic devices. Sensors are added to enhance the usability of these devices and improve the quality of experience through data collection and analysis. However, with the era of big data and machine learning, sensors’ data may be processed by different techniques to infer various hidden information. The extracted information may be beneficial to device users, developers, and designers to enhance the management, operation, and development of these devices. However, the extracted information may be used to compromise the security and the privacy of humans in the era of Internet of Everything (IoE). In this work, we attempt to review the process of inferring meaningful data from smart devices’ sensors, especially, smartphones. In addition, different useful machine learning applications based on smartphones’ sensors data are shown. Moreover, different side channel attacks utilizing the same sensors and the same machine learning algorithms are overviewed.

show abstract

Section: Hidden Information Inferring Applicationsmentioning

confidence: 99%

Sensors of Smart Devices in the Internet of Everything (IoE) Era: Big Opportunities and Massive Doubts

et al. 2019

View full text Add to dashboard Cite

show abstract

“…Recently, implicit continuous authentication for smartphones called iAuth [35] which leverages motions recorded in the smartphone and wearable device was introduced, and was later extended to SmarterYou [36] with contextawareness. Their schemes are based on the idea that the behavioral patterns collected in both devices are distinct from each person and each moving context.…”

Section: • Wearauth Reduces the Communication Overhead By Us-mentioning

confidence: 99%

WearAuth: Wristwear-Assisted User Authentication for Smartphones Using Wavelet-Based Multi-Resolution Analysis

Kang

Jeong

et al. 2019

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

Zero-effort bilateral authentication was introduced recently to use a trusted wristwear to continuously authenticate a smartphone user. A user is allowed to use the smartphone if both wristwear and smartphone are determined to be held by the same person by comparing the wristwear's motion with the smartphone's input or motion, depending on the grip-which hand holds the smartphone and which hand provides the input. Unfortunately, the scheme has several shortcomings. First, it may work improperly when the user is walking since the gait can conceal the wrist's motions of making touches. Second, it continuously compares the motions of the two devices, which incurs a heavy communication burden. Third, the acceleration-based grip inference, which assumes that the smartphone is horizontal with the ground is inapplicable in practice. To address these shortcomings, we propose WearAuth, wristwear-assisted user authentication for smartphones in this paper. WearAuth applies waveletbased multi-resolution analysis to extract the desired touch-specific movements regardless of whether the user is stationary or moving; uses discrete Fourier transform-based approximate correlation to reduce the communication overhead; and takes a new approach to directly compute the relative device orientation without using acceleration to infer the grip more precisely. In two experiments with 50 subjects, WearAuth produced false negative rates of 3.6% or less and false positive rates of 1.69% or less. We conclude that WearAuth operates properly under various usage cases and is robust to sophisticated attacks.

show abstract

“…For example, fingerprint identification needs users to put their finger on the scanner. Hence, these approaches requiring user compliance cannot achieve continuous and implicit identification [11] which was an ultimate goal of our proposed system to overcome.…”

Section: Related Workmentioning

confidence: 99%

“…Mare et al [22] proposed a two-fold legitimate user identification model in which the signals sent from a bracelet worn on the user's wrist are correlated with the operations of the terminal to confirm the continued presence of the user if the two movements correlate according to a few coarse-grained actions. Lee and Lee [11] proposed a legitimate user identification system named iAuth for implicit but continuous user identification in which the end user is identified based on their behavioral characteristics by leveraging the built-in sensors. ey have built a system which gives better identification than previously possible using sensor data from multiple devices and machine learning techniques.…”

mentioning

confidence: 99%

Smartwatch-Based Legitimate User Identification for Cloud-Based Secure Services

Alqarni

Khan

et al. 2018

Mobile Information Systems

View full text Add to dashboard Cite

Smartphones are ubiquitously integrated into our home and work environment and users frequently use them as the portal to cloud-based secure services. Since smartphones can easily be stolen or coopted, the advent of smartwatches provides an intriguing platform legitimate user identification for applications like online banking and many other cloud-based services. However, to access security-critical online services, it is highly desirable to accurately identifying the legitimate user accessing such services and data whether coming from the cloud or any other source. Such identification must be done in an automatic and non-bypassable way. For such applications, this work proposes a two-fold feasibility study; (1) activity recognition and (2) gait-based legitimate user identification based on individual activity. To achieve the above-said goals, the first aim of this work was to propose a semicontrolled environment system which overcomes the limitations of users’ age, gender, and smartwatch wearing style. The second aim of this work was to investigate the ambulatory activity performed by any user. Thus, this paper proposes a novel system for implicit and continuous legitimate user identification based on their behavioral characteristics by leveraging the sensors already ubiquitously built into smartwatches. The design system gives legitimate user identification using machine learning techniques and multiple sensory data with 98.68% accuracy.

show abstract

Implicit Sensor-based Authentication of Smartphone Users with Smartwatch

Cited by 59 publications

References 28 publications

Sensors of Smart Devices in the Internet of Everything (IoE) Era: Big Opportunities and Massive Doubts

Sensors of Smart Devices in the Internet of Everything (IoE) Era: Big Opportunities and Massive Doubts

WearAuth: Wristwear-Assisted User Authentication for Smartphones Using Wavelet-Based Multi-Resolution Analysis

Smartwatch-Based Legitimate User Identification for Cloud-Based Secure Services

Contact Info

Product

Resources

About